UNC5174 Group’s Discord Bot Backdoor Malware

Recently, AhnLab SEcurity intelligence Center (ASEC) has identified an attack leveraging a backdoor malware that uses the Discord API to establish a Command and Control (C2) infrastructure, linked to the UNC5174 threat group [1]. UNC5174 employs an operational strategy designed to maintain long-term control after initial compromise by sequentially deploying

RAT Malware Operating via Discord Bot

Discord is a social platform where users can create servers to form communities and communicate in real-time, supporting voice, video, and text chat. While it initially gained popularity among gamers, it has now expanded into a space where groups with diverse interests gather to communicate. A Discord Bot is a

PYbot DDoS Malware Being Distributed Disguised as a Discord Nitro Code Generator

A major method through which threat actors distribute malware is by uploading it to sites, disguised as cracks or illegal software. After a threat actor uploads their malware disguised as a crack or serial keygen for some paid software, users become infected by the malware while installing this illegal software.